![]() |
S32 SDK
|
Cryptographic Services Engine Peripheral Driver.
To access the command feature set, the part must be configured for EEE operation, using the PGMPART command. This can be implemented by using the Flash driver. By enabling security features and configuring a number of user keys, the total size of the 4 KByte EEERAM will be reduced by the space required to store the user keys. The user key space will then effectively be unaddressable space in the EEERAM.
At the bottom of this page is an example of making this configuration using the Flash driver. For more details related to the FLASH_DRV_DEFlashPartition function, please refer to the Flash driver documentation. Please note that this configuration is required only once and should not be lanched from Flash memory.
In order to use the CSEc driver in your application, the CSEC_DRV_Init function should be called prior to using the rest of the API. The parameter of this function is used for holding the internal state of the driver throughout the lifetime of the application.
This is the high level flow in which to initialize and generate random numbers.
In order to update a key, the user must have knowledge of a valid authentication secret, i.e. another key (AuthID). If the key AuthID is empty, the key update will only work if AuthID = ID (the key that will be updated will represent the AuthID from now on), otherwise CSEC_KEY_EMPTY is returned.
The M1-M3 values need to be computed according to the SHE Specification in order to update a key slot. The CSEC_DRV_LoadKey function will require those values. After successfully updating the key slot, two verification values will be returned: M4 and M5. The user can compute the two values and compare them with the ones returned by the CSEC_DRV_LoadKey function in order to ensure the slot was updated as desired. Please refer to the CSEc driver example for a reference implementation of the memory update protocol.
Examples:
Using the Flash driver to partition Flash for CSEc operation
Encryption using AES EBC mode
Generating and verifying CMAC for a message
Generating random bits
Data Structures | |
struct | csec_state_t |
Internal driver state information. More... | |
Macros | |
#define | CSEC_STATUS_BUSY (0x1U) |
The bit is set whenever SHE is processing a command. More... | |
#define | CSEC_STATUS_SECURE_BOOT (0x2U) |
The bit is set if the secure booting is activated. More... | |
#define | CSEC_STATUS_BOOT_INIT (0x4U) |
The bit is set if the secure booting has been personalized during the boot sequence. More... | |
#define | CSEC_STATUS_BOOT_FINISHED (0x8U) |
The bit is set when the secure booting has been finished by calling either CMD_BOOT_FAILURE or CMD_BOOT_OK or if CMD_SECURE_BOOT failed in verifying BOOT_MAC. More... | |
#define | CSEC_STATUS_BOOT_OK (0x10U) |
The bit is set if the secure booting (CMD_SECURE_BOOT) succeeded. If CMD_BOOT_FAILURE is called the bit is erased. More... | |
#define | CSEC_STATUS_RND_INIT (0x20U) |
The bit is set if the random number generator has been initialized. More... | |
#define | CSEC_STATUS_EXT_DEBUGGER (0x40U) |
The bit is set if an external debugger is connected to the chip. More... | |
#define | CSEC_STATUS_INT_DEBUGGER (0x80U) |
The bit is set if the internal debugging mechanisms of SHE are activated. More... | |
Typedefs | |
typedef uint8_t | csec_status_t |
Represents the status of the CSEc module. Provides one bit for each status code as per SHE specification. CSEC_STATUS_* masks can be used for verifying the status. More... | |
typedef void(* | csec_callback_t) (csec_cmd_t completedCmd, void *callbackParam) |
CSEc asynchronous command complete callback function type. More... | |
Functions | |
void | CSEC_DRV_Init (csec_state_t *state) |
Initializes the internal state of the driver and enables the FTFC interrupt. More... | |
void | CSEC_DRV_Deinit (void) |
Clears the internal state of the driver and disables the FTFC interrupt. More... | |
status_t | CSEC_DRV_EncryptECB (csec_key_id_t keyId, const uint8_t *plainText, uint32_t length, uint8_t *cipherText) |
Performs the AES-128 encryption in ECB mode. More... | |
status_t | CSEC_DRV_DecryptECB (csec_key_id_t keyId, const uint8_t *cipherText, uint32_t length, uint8_t *plainText) |
Performs the AES-128 decryption in ECB mode. More... | |
status_t | CSEC_DRV_EncryptCBC (csec_key_id_t keyId, const uint8_t *plainText, uint32_t length, const uint8_t *iv, uint8_t *cipherText) |
Performs the AES-128 encryption in CBC mode. More... | |
status_t | CSEC_DRV_DecryptCBC (csec_key_id_t keyId, const uint8_t *cipherText, uint16_t length, const uint8_t *iv, uint8_t *plainText) |
Performs the AES-128 decryption in CBC mode. More... | |
status_t | CSEC_DRV_GenerateMAC (csec_key_id_t keyId, const uint8_t *msg, uint32_t msgLen, uint8_t *cmac) |
Calculates the MAC of a given message using CMAC with AES-128. More... | |
status_t | CSEC_DRV_GenerateMACAddrMode (csec_key_id_t keyId, const uint8_t *msg, uint32_t msgLen, uint8_t *cmac) |
Calculates the MAC of a given message (located in Flash) using CMAC with AES-128. More... | |
status_t | CSEC_DRV_VerifyMAC (csec_key_id_t keyId, const uint8_t *msg, uint32_t msgLen, const uint8_t *mac, uint16_t macLen, bool *verifStatus) |
Verifies the MAC of a given message using CMAC with AES-128. More... | |
status_t | CSEC_DRV_VerifyMACAddrMode (csec_key_id_t keyId, const uint8_t *msg, uint32_t msgLen, const uint8_t *mac, uint16_t macLen, bool *verifStatus) |
Verifies the MAC of a given message (located in Flash) using CMAC with AES-128. More... | |
status_t | CSEC_DRV_LoadKey (csec_key_id_t keyId, const uint8_t *m1, const uint8_t *m2, const uint8_t *m3, uint8_t *m4, uint8_t *m5) |
Updates an internal key per the SHE specification. More... | |
status_t | CSEC_DRV_LoadPlainKey (const uint8_t *plainKey) |
Updates the RAM key memory slot with a 128-bit plaintext. More... | |
status_t | CSEC_DRV_ExportRAMKey (uint8_t *m1, uint8_t *m2, uint8_t *m3, uint8_t *m4, uint8_t *m5) |
Exports the RAM_KEY into a format protected by SECRET_KEY. More... | |
status_t | CSEC_DRV_InitRNG (void) |
Initializes the seed and derives a key for the PRNG. More... | |
status_t | CSEC_DRV_ExtendSeed (const uint8_t *entropy) |
Extends the seed of the PRNG. More... | |
status_t | CSEC_DRV_GenerateRND (uint8_t *rnd) |
Generates a vector of 128 random bits. More... | |
status_t | CSEC_DRV_BootFailure (void) |
Signals a failure detected during later stages of the boot process. More... | |
status_t | CSEC_DRV_BootOK (void) |
Marks a successful boot verification during later stages of the boot process. More... | |
status_t | CSEC_DRV_BootDefine (uint32_t bootSize, csec_boot_flavor_t bootFlavor) |
Implements an extension of the SHE standard to define both the user boot size and boot method. More... | |
static csec_status_t | CSEC_DRV_GetStatus (void) |
Returns the content of the status register. More... | |
status_t | CSEC_DRV_GetID (const uint8_t *challenge, uint8_t *uid, uint8_t *sreg, uint8_t *mac) |
Returns the identity (UID) and the value of the status register protected by a MAC over a challenge and the data. More... | |
status_t | CSEC_DRV_DbgChal (uint8_t *challenge) |
Obtains a random number which the user shall use along with the MASTER_ECU_KEY and UID to return an authorization request. More... | |
status_t | CSEC_DRV_DbgAuth (const uint8_t *authorization) |
Erases all keys (actual and outdated) stored in NVM Memory if the authorization is confirmed by CSEc. More... | |
status_t | CSEC_DRV_MPCompress (const uint8_t *msg, uint16_t msgLen, uint8_t *mpCompress) |
Compresses the given messages by accessing the Miyaguchi-Prenell compression feature with in the CSEc feature set. More... | |
status_t | CSEC_DRV_EncryptECBAsync (csec_key_id_t keyId, const uint8_t *plainText, uint32_t length, uint8_t *cipherText) |
Asynchronously performs the AES-128 encryption in ECB mode. More... | |
status_t | CSEC_DRV_DecryptECBAsync (csec_key_id_t keyId, const uint8_t *cipherText, uint32_t length, uint8_t *plainText) |
Asynchronously performs the AES-128 decryption in ECB mode. More... | |
status_t | CSEC_DRV_EncryptCBCAsync (csec_key_id_t keyId, const uint8_t *cipherText, uint16_t length, const uint8_t *iv, uint8_t *plainText) |
Asynchronously performs the AES-128 encryption in CBC mode. More... | |
status_t | CSEC_DRV_DecryptCBCAsync (csec_key_id_t keyId, const uint8_t *cipherText, uint32_t length, const uint8_t *iv, uint8_t *plainText) |
Asynchronously performs the AES-128 decryption in CBC mode. More... | |
status_t | CSEC_DRV_GenerateMACAsync (csec_key_id_t keyId, const uint8_t *msg, uint32_t msgLen, uint8_t *cmac) |
Asynchronously calculates the MAC of a given message using CMAC with AES-128. More... | |
status_t | CSEC_DRV_VerifyMACAsync (csec_key_id_t keyId, const uint8_t *msg, uint32_t msgLen, const uint8_t *mac, uint16_t macLen, bool *verifStatus) |
Asynchronously verifies the MAC of a given message using CMAC with AES-128. More... | |
status_t | CSEC_DRV_GetAsyncCmdStatus (void) |
Checks the status of the execution of an asynchronous command. More... | |
void | CSEC_DRV_InstallCallback (csec_callback_t callbackFunc, void *callbackParam) |
Installs a callback function which will be invoked when an asynchronous command finishes its execution. More... | |
#define CSEC_STATUS_BOOT_FINISHED (0x8U) |
The bit is set when the secure booting has been finished by calling either CMD_BOOT_FAILURE or CMD_BOOT_OK or if CMD_SECURE_BOOT failed in verifying BOOT_MAC.
Definition at line 72 of file csec_driver.h.
#define CSEC_STATUS_BOOT_INIT (0x4U) |
The bit is set if the secure booting has been personalized during the boot sequence.
Definition at line 68 of file csec_driver.h.
#define CSEC_STATUS_BOOT_OK (0x10U) |
The bit is set if the secure booting (CMD_SECURE_BOOT) succeeded. If CMD_BOOT_FAILURE is called the bit is erased.
Definition at line 75 of file csec_driver.h.
#define CSEC_STATUS_BUSY (0x1U) |
The bit is set whenever SHE is processing a command.
Definition at line 63 of file csec_driver.h.
#define CSEC_STATUS_EXT_DEBUGGER (0x40U) |
The bit is set if an external debugger is connected to the chip.
Definition at line 79 of file csec_driver.h.
#define CSEC_STATUS_INT_DEBUGGER (0x80U) |
The bit is set if the internal debugging mechanisms of SHE are activated.
Definition at line 82 of file csec_driver.h.
#define CSEC_STATUS_RND_INIT (0x20U) |
The bit is set if the random number generator has been initialized.
Definition at line 77 of file csec_driver.h.
#define CSEC_STATUS_SECURE_BOOT (0x2U) |
The bit is set if the secure booting is activated.
Definition at line 65 of file csec_driver.h.
typedef void(* csec_callback_t) (csec_cmd_t completedCmd, void *callbackParam) |
CSEc asynchronous command complete callback function type.
Implements : csec_callback_t_Class
Definition at line 185 of file csec_driver.h.
typedef uint8_t csec_status_t |
Represents the status of the CSEc module. Provides one bit for each status code as per SHE specification. CSEC_STATUS_* masks can be used for verifying the status.
Implements : csec_status_t_Class
Definition at line 91 of file csec_driver.h.
enum csec_boot_flavor_t |
Specifies the boot type for the BOOT_DEFINE command.
Implements : csec_boot_flavor_t_Class
Enumerator | |
---|---|
CSEC_BOOT_STRICT | |
CSEC_BOOT_SERIAL | |
CSEC_BOOT_PARALLEL | |
CSEC_BOOT_NOT_DEFINED |
Definition at line 173 of file csec_driver.h.
enum csec_call_sequence_t |
Specifies if the information is the first or a following function call.
Implements : csec_call_sequence_t_Class
Enumerator | |
---|---|
CSEC_CALL_SEQ_FIRST | |
CSEC_CALL_SEQ_SUBSEQUENT |
Definition at line 163 of file csec_driver.h.
enum csec_cmd_t |
CSEc commands which follow the same values as the SHE command definition.
Implements : csec_cmd_t_Class
Definition at line 133 of file csec_driver.h.
enum csec_key_id_t |
Specify the KeyID to be used to implement the requested cryptographic operation.
Implements : csec_key_id_t_Class
Definition at line 99 of file csec_driver.h.
status_t CSEC_DRV_BootDefine | ( | uint32_t | bootSize, |
csec_boot_flavor_t | bootFlavor | ||
) |
Implements an extension of the SHE standard to define both the user boot size and boot method.
The function implements an extension of the SHE standard to define both the user boot size and boot method.
[in] | bootSize | Number of blocks of 128-bit data to check on boot. Maximum size is 512kBytes. |
[in] | bootFlavor | The boot method. |
Definition at line 817 of file csec_driver.c.
status_t CSEC_DRV_BootFailure | ( | void | ) |
Signals a failure detected during later stages of the boot process.
The function is called during later stages of the boot process to detect a failure.
Definition at line 753 of file csec_driver.c.
status_t CSEC_DRV_BootOK | ( | void | ) |
Marks a successful boot verification during later stages of the boot process.
The function is called during later stages of the boot process to mark successful boot verification.
Definition at line 785 of file csec_driver.c.
status_t CSEC_DRV_DbgAuth | ( | const uint8_t * | authorization | ) |
Erases all keys (actual and outdated) stored in NVM Memory if the authorization is confirmed by CSEc.
This function erases all keys (actual and outdated) stored in NVM Memory if the authorization is confirmed by CSEc.
[in] | authorization | Pointer to the 128-bit buffer containing the authorization value. |
Definition at line 944 of file csec_driver.c.
status_t CSEC_DRV_DbgChal | ( | uint8_t * | challenge | ) |
Obtains a random number which the user shall use along with the MASTER_ECU_KEY and UID to return an authorization request.
This function obtains a random number which the user shall use along with the MASTER_ECU_KEY and UID to return an authorization request.
[out] | challenge | Pointer to the 128-bit buffer where the challenge data will be stored. |
Definition at line 905 of file csec_driver.c.
status_t CSEC_DRV_DecryptCBC | ( | csec_key_id_t | keyId, |
const uint8_t * | cipherText, | ||
uint16_t | length, | ||
const uint8_t * | iv, | ||
uint8_t * | plainText | ||
) |
Performs the AES-128 decryption in CBC mode.
This function performs the AES-128 decryption in CBC mode of the input cipher text buffer.
[in] | keyId | KeyID used to perform the cryptographic operation. |
[in] | cipherText | Pointer to the cipher text buffer. |
[in] | length | Number of bytes of cipher text message to be decrypted. It should be multiple of 16 bytes. |
[in] | iv | Pointer to the initialization vector buffer. |
[out] | plainText | Pointer to the plain text buffer. The buffer shall have the same size as the cipher text buffer. |
Definition at line 279 of file csec_driver.c.
status_t CSEC_DRV_DecryptCBCAsync | ( | csec_key_id_t | keyId, |
const uint8_t * | cipherText, | ||
uint32_t | length, | ||
const uint8_t * | iv, | ||
uint8_t * | plainText | ||
) |
Asynchronously performs the AES-128 decryption in CBC mode.
This function performs the AES-128 decryption in CBC mode of the input cipher text buffer, in an asynchronous manner.
[in] | keyId | KeyID used to perform the cryptographic operation. |
[in] | cipherText | Pointer to the cipher text buffer. |
[in] | length | Number of bytes of cipher text message to be decrypted. It should be multiple of 16 bytes. |
[in] | iv | Pointer to the initialization vector buffer. |
[out] | plainText | Pointer to the plain text buffer. The buffer shall have the same size as the cipher text buffer. |
Definition at line 1132 of file csec_driver.c.
status_t CSEC_DRV_DecryptECB | ( | csec_key_id_t | keyId, |
const uint8_t * | cipherText, | ||
uint32_t | length, | ||
uint8_t * | plainText | ||
) |
Performs the AES-128 decryption in ECB mode.
This function performs the AES-128 decryption in ECB mode of the input cipher text buffer.
[in] | keyId | KeyID used to perform the cryptographic operation |
[in] | cipherText | Pointer to the cipher text buffer. |
[in] | length | Number of bytes of cipher text message to be decrypted. It should be multiple of 16 bytes. |
[out] | plainText | Pointer to the plain text buffer. The buffer shall have the same size as the cipher text buffer. |
Definition at line 203 of file csec_driver.c.
status_t CSEC_DRV_DecryptECBAsync | ( | csec_key_id_t | keyId, |
const uint8_t * | cipherText, | ||
uint32_t | length, | ||
uint8_t * | plainText | ||
) |
Asynchronously performs the AES-128 decryption in ECB mode.
This function performs the AES-128 decryption in ECB mode of the input cipher text buffer, in an asynchronous manner.
[in] | keyId | KeyID used to perform the cryptographic operation |
[in] | cipherText | Pointer to the cipher text buffer. |
[in] | length | Number of bytes of cipher text message to be decrypted. It should be multiple of 16 bytes. |
[out] | plainText | Pointer to the plain text buffer. The buffer shall have the same size as the cipher text buffer. |
Definition at line 1074 of file csec_driver.c.
void CSEC_DRV_Deinit | ( | void | ) |
Clears the internal state of the driver and disables the FTFC interrupt.
Definition at line 151 of file csec_driver.c.
status_t CSEC_DRV_EncryptCBC | ( | csec_key_id_t | keyId, |
const uint8_t * | plainText, | ||
uint32_t | length, | ||
const uint8_t * | iv, | ||
uint8_t * | cipherText | ||
) |
Performs the AES-128 encryption in CBC mode.
This function performs the AES-128 encryption in CBC mode of the input plaintext buffer.
[in] | keyId | KeyID used to perform the cryptographic operation. |
[in] | plainText | Pointer to the plain text buffer. |
[in] | length | Number of bytes of plain text message to be encrypted. It should be multiple of 16 bytes. |
[in] | iv | Pointer to the initialization vector buffer. |
[out] | cipherText | Pointer to the cipher text buffer. The buffer shall have the same size as the plain text buffer. |
Definition at line 239 of file csec_driver.c.
status_t CSEC_DRV_EncryptCBCAsync | ( | csec_key_id_t | keyId, |
const uint8_t * | cipherText, | ||
uint16_t | length, | ||
const uint8_t * | iv, | ||
uint8_t * | plainText | ||
) |
Asynchronously performs the AES-128 encryption in CBC mode.
This function performs the AES-128 encryption in CBC mode of the input plaintext buffer, in an asynchronous manner.
[in] | keyId | KeyID used to perform the cryptographic operation. |
[in] | plainText | Pointer to the plain text buffer. |
[in] | length | Number of bytes of plain text message to be encrypted. It should be multiple of 16 bytes. |
[in] | iv | Pointer to the initialization vector buffer. |
[out] | cipherText | Pointer to the cipher text buffer. The buffer shall have the same size as the plain text buffer. |
Definition at line 1102 of file csec_driver.c.
status_t CSEC_DRV_EncryptECB | ( | csec_key_id_t | keyId, |
const uint8_t * | plainText, | ||
uint32_t | length, | ||
uint8_t * | cipherText | ||
) |
Performs the AES-128 encryption in ECB mode.
This function performs the AES-128 encryption in ECB mode of the input plain text buffer
[in] | keyId | KeyID used to perform the cryptographic operation. |
[in] | plainText | Pointer to the plain text buffer. |
[in] | length | Number of bytes of plain text message to be encrypted. It should be multiple of 16 bytes. |
[out] | cipherText | Pointer to the cipher text buffer. The buffer shall have the same size as the plain text buffer. |
Definition at line 166 of file csec_driver.c.
status_t CSEC_DRV_EncryptECBAsync | ( | csec_key_id_t | keyId, |
const uint8_t * | plainText, | ||
uint32_t | length, | ||
uint8_t * | cipherText | ||
) |
Asynchronously performs the AES-128 encryption in ECB mode.
This function performs the AES-128 encryption in ECB mode of the input plain text buffer, in an asynchronous manner.
[in] | keyId | KeyID used to perform the cryptographic operation. |
[in] | plainText | Pointer to the plain text buffer. |
[in] | length | Number of bytes of plain text message to be encrypted. It should be multiple of 16 bytes. |
[out] | cipherText | Pointer to the cipher text buffer. The buffer shall have the same size as the plain text buffer. |
Definition at line 1046 of file csec_driver.c.
status_t CSEC_DRV_ExportRAMKey | ( | uint8_t * | m1, |
uint8_t * | m2, | ||
uint8_t * | m3, | ||
uint8_t * | m4, | ||
uint8_t * | m5 | ||
) |
Exports the RAM_KEY into a format protected by SECRET_KEY.
This function exports the RAM_KEY into a format protected by SECRET_KEY.
[out] | m1 | Pointer to a buffer where the M1 parameter will be exported. |
[out] | m2 | Pointer to a buffer where the M2 parameter will be exported. |
[out] | m3 | Pointer to a buffer where the M3 parameter will be exported. |
[out] | m4 | Pointer to a buffer where the M4 parameter will be exported. |
[out] | m5 | Pointer to a buffer where the M5 parameter will be exported. |
Definition at line 591 of file csec_driver.c.
status_t CSEC_DRV_ExtendSeed | ( | const uint8_t * | entropy | ) |
Extends the seed of the PRNG.
Extends the seed of the PRNG by compressing the former seed value and the supplied entropy into a new seed. This new seed is then to be used to generate a random number by invoking the CMD_RND command. The random number generator must be initialized by CMD_INIT_RNG before the seed may be extended.
[in] | entropy | Pointer to a 128-bit buffer containing the entropy. |
Definition at line 677 of file csec_driver.c.
status_t CSEC_DRV_GenerateMAC | ( | csec_key_id_t | keyId, |
const uint8_t * | msg, | ||
uint32_t | msgLen, | ||
uint8_t * | cmac | ||
) |
Calculates the MAC of a given message using CMAC with AES-128.
This function calculates the MAC of a given message using CMAC with AES-128.
[in] | keyId | KeyID used to perform the cryptographic operation. |
[in] | msg | Pointer to the message buffer. |
[in] | msgLen | Number of bits of message on which CMAC will be computed. |
[out] | cmac | Pointer to the buffer containing the result of the CMAC computation. |
Definition at line 319 of file csec_driver.c.
status_t CSEC_DRV_GenerateMACAddrMode | ( | csec_key_id_t | keyId, |
const uint8_t * | msg, | ||
uint32_t | msgLen, | ||
uint8_t * | cmac | ||
) |
Calculates the MAC of a given message (located in Flash) using CMAC with AES-128.
This function calculates the MAC of a given message using CMAC with AES-128. It is different from the CSEC_DRV_GenerateMAC function in the sense that it does not involve an extra copy of the data on which the CMAC is computed and the message pointer should be a pointer to Flash memory.
[in] | keyId | KeyID used to perform the cryptographic operation. |
[in] | msg | Pointer to the message buffer (pointing to Flash memory). |
[in] | msgLen | Number of bits of message on which CMAC will be computed. |
[out] | cmac | Pointer to the buffer containing the result of the CMAC computation. |
Definition at line 359 of file csec_driver.c.
status_t CSEC_DRV_GenerateMACAsync | ( | csec_key_id_t | keyId, |
const uint8_t * | msg, | ||
uint32_t | msgLen, | ||
uint8_t * | cmac | ||
) |
Asynchronously calculates the MAC of a given message using CMAC with AES-128.
This function calculates the MAC of a given message using CMAC with AES-128, in an asynchronous manner.
[in] | keyId | KeyID used to perform the cryptographic operation. |
[in] | msg | Pointer to the message buffer. |
[in] | msgLen | Number of bits of message on which CMAC will be computed. |
[out] | cmac | Pointer to the buffer containing the result of the CMAC computation. |
Definition at line 1162 of file csec_driver.c.
status_t CSEC_DRV_GenerateRND | ( | uint8_t * | rnd | ) |
Generates a vector of 128 random bits.
The function returns a vector of 128 random bits. The random number generator has to be initialized by calling CSEC_DRV_InitRNG before random numbers can be supplied.
[out] | rnd | Pointer to a 128-bit buffer where the generated random number has to be stored. |
Definition at line 714 of file csec_driver.c.
status_t CSEC_DRV_GetAsyncCmdStatus | ( | void | ) |
Checks the status of the execution of an asynchronous command.
This function checks the status of the execution of an asynchronous command. If the command is still in progress, returns STATUS_BUSY.
Definition at line 1226 of file csec_driver.c.
status_t CSEC_DRV_GetID | ( | const uint8_t * | challenge, |
uint8_t * | uid, | ||
uint8_t * | sreg, | ||
uint8_t * | mac | ||
) |
Returns the identity (UID) and the value of the status register protected by a MAC over a challenge and the data.
This function returns the identity (UID) and the value of the status register protected by a MAC over a challenge and the data.
[in] | challenge | Pointer to the 128-bit buffer containing Challenge data. |
[out] | uid | Pointer to 120 bit buffer where the UID will be stored. |
[out] | sreg | Value of the status register. |
[out] | mac | Pointer to the 128 bit buffer where the MAC generated over challenge and UID and status will be stored. |
Definition at line 854 of file csec_driver.c.
|
inlinestatic |
Returns the content of the status register.
The function shall return the content of the status register.
Implements : CSEC_DRV_GetStatus_Activity
Definition at line 530 of file csec_driver.h.
void CSEC_DRV_Init | ( | csec_state_t * | state | ) |
Initializes the internal state of the driver and enables the FTFC interrupt.
[in] | state | Pointer to the state structure which will be used for holding the internal state of the driver. |
Definition at line 133 of file csec_driver.c.
status_t CSEC_DRV_InitRNG | ( | void | ) |
Initializes the seed and derives a key for the PRNG.
The function initializes the seed and derives a key for the PRNG. The function must be called before CMD_RND after every power cycle/reset.
Definition at line 642 of file csec_driver.c.
void CSEC_DRV_InstallCallback | ( | csec_callback_t | callbackFunc, |
void * | callbackParam | ||
) |
Installs a callback function which will be invoked when an asynchronous command finishes its execution.
[in] | callbackFunc | The function to be invoked. |
[in] | callbackParam | The parameter to be passed to the callback function. |
Definition at line 1599 of file csec_driver.c.
status_t CSEC_DRV_LoadKey | ( | csec_key_id_t | keyId, |
const uint8_t * | m1, | ||
const uint8_t * | m2, | ||
const uint8_t * | m3, | ||
uint8_t * | m4, | ||
uint8_t * | m5 | ||
) |
Updates an internal key per the SHE specification.
This function updates an internal key per the SHE specification.
[in] | keyId | KeyID of the key to be updated. |
[in] | m1 | Pointer to the 128-bit M1 message containing the UID, Key ID and Authentication Key ID. |
[in] | m2 | Pointer to the 256-bit M2 message contains the new security flags, counter and the key value all encrypted using a derived key generated from the Authentication Key. |
[in] | m3 | Pointer to the 128-bit M3 message is a MAC generated over messages M1 and M2. |
[out] | m4 | Pointer to a 256 bits buffer where the computed M4 parameter is stored. |
[out] | m5 | Pointer to a 128 bits buffer where the computed M5 parameters is stored. |
Definition at line 502 of file csec_driver.c.
status_t CSEC_DRV_LoadPlainKey | ( | const uint8_t * | plainKey | ) |
Updates the RAM key memory slot with a 128-bit plaintext.
The function updates the RAM key memory slot with a 128-bit plaintext. The key is loaded without encryption and verification of the key, i.e. the key is handed over in plaintext. A plain key can only be loaded into the RAM_KEY slot.
[in] | plainKey | Pointer to the 128-bit buffer containing the key that needs to be copied in RAM_KEY slot. |
Definition at line 555 of file csec_driver.c.
status_t CSEC_DRV_MPCompress | ( | const uint8_t * | msg, |
uint16_t | msgLen, | ||
uint8_t * | mpCompress | ||
) |
Compresses the given messages by accessing the Miyaguchi-Prenell compression feature with in the CSEc feature set.
This function accesses a Miyaguchi-Prenell compression feature within the CSEc feature set to compress the given messages.
[in] | msg | Pointer to the messages to be compressed. Messages must be pre-processed per SHE specification if they do not already meet the full 128-bit block size requirement. |
[in] | msgLen | The number of 128 bit messages to be compressed. |
[out] | mpCompress | Pointer to the 128 bit buffer storing the compressed data. |
Definition at line 980 of file csec_driver.c.
status_t CSEC_DRV_VerifyMAC | ( | csec_key_id_t | keyId, |
const uint8_t * | msg, | ||
uint32_t | msgLen, | ||
const uint8_t * | mac, | ||
uint16_t | macLen, | ||
bool * | verifStatus | ||
) |
Verifies the MAC of a given message using CMAC with AES-128.
This function verifies the MAC of a given message using CMAC with AES-128.
[in] | keyId | KeyID used to perform the cryptographic operation. |
[in] | msg | Pointer to the message buffer. |
[in] | msgLen | Number of bits of message on which CMAC will be computed. |
[in] | mac | Pointer to the buffer containing the CMAC to be verified. |
[in] | macLen | Number of bits of the CMAC to be compared. A macLength value of zero indicates that all 128-bits are compared. |
[out] | verifStatus | Status of MAC verification command (true: verification operation passed, false: verification operation failed). |
Definition at line 403 of file csec_driver.c.
status_t CSEC_DRV_VerifyMACAddrMode | ( | csec_key_id_t | keyId, |
const uint8_t * | msg, | ||
uint32_t | msgLen, | ||
const uint8_t * | mac, | ||
uint16_t | macLen, | ||
bool * | verifStatus | ||
) |
Verifies the MAC of a given message (located in Flash) using CMAC with AES-128.
This function verifies the MAC of a given message using CMAC with AES-128. It is different from the CSEC_DRV_VerifyMAC function in the sense that it does not involve an extra copy of the data on which the CMAC is computed and the message pointer should be a pointer to Flash memory.
[in] | keyId | KeyID used to perform the cryptographic operation. |
[in] | msg | Pointer to the message buffer (pointing to Flash memory). |
[in] | msgLen | Number of bits of message on which CMAC will be computed. |
[in] | mac | Pointer to the buffer containing the CMAC to be verified. |
[in] | macLen | Number of bits of the CMAC to be compared. A macLength value of zero indicates that all 128-bits are compared. |
[out] | verifStatus | Status of MAC verification command (true: verification operation passed, false: verification operation failed). |
Definition at line 450 of file csec_driver.c.
status_t CSEC_DRV_VerifyMACAsync | ( | csec_key_id_t | keyId, |
const uint8_t * | msg, | ||
uint32_t | msgLen, | ||
const uint8_t * | mac, | ||
uint16_t | macLen, | ||
bool * | verifStatus | ||
) |
Asynchronously verifies the MAC of a given message using CMAC with AES-128.
This function verifies the MAC of a given message using CMAC with AES-128, in an asynchronous manner.
[in] | keyId | KeyID used to perform the cryptographic operation. |
[in] | msg | Pointer to the message buffer. |
[in] | msgLen | Number of bits of message on which CMAC will be computed. |
[in] | mac | Pointer to the buffer containing the CMAC to be verified. |
[in] | macLen | Number of bits of the CMAC to be compared. A macLength value of zero indicates that all 128-bits are compared. |
[out] | verifStatus | Status of MAC verification command (true: verification operation passed, false: verification operation failed). |
Definition at line 1191 of file csec_driver.c.